File tree Expand file tree Collapse file tree
advisories/unreviewed/2026/05/GHSA-97jf-46m3-8953 Expand file tree Collapse file tree Original file line number Diff line number Diff line change 11{
22 "schema_version" : " 1.4.0" ,
33 "id" : " GHSA-97jf-46m3-8953" ,
4- "modified" : " 2026-05-12T18:30:42Z " ,
4+ "modified" : " 2026-05-12T18:30:48Z " ,
55 "published" : " 2026-05-12T18:30:42Z" ,
66 "aliases" : [
77 " CVE-2026-33117"
88 ],
9+ "summary" : " Security feature bypass vulnerability in Azure Key Vault Keys library for Java" ,
910 "details" : " Improper authentication in Azure SDK allows an unauthorized attacker to bypass a security feature over a network." ,
1011 "severity" : [
1112 {
1213 "type" : " CVSS_V3" ,
1314 "score" : " CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
1415 }
1516 ],
16- "affected" : [],
17+ "affected" : [
18+ {
19+ "package" : {
20+ "ecosystem" : " Maven" ,
21+ "name" : " com.azure:azure-security-keyvault-keys"
22+ },
23+ "ranges" : [
24+ {
25+ "type" : " ECOSYSTEM" ,
26+ "events" : [
27+ {
28+ "introduced" : " 0"
29+ },
30+ {
31+ "fixed" : " 4.10.6"
32+ }
33+ ]
34+ }
35+ ]
36+ }
37+ ],
1738 "references" : [
1839 {
1940 "type" : " ADVISORY" ,
2647 ],
2748 "database_specific" : {
2849 "cwe_ids" : [
29- " CWE-287"
50+ " CWE-287" ,
51+ " CWE-347"
3052 ],
3153 "severity" : " CRITICAL" ,
3254 "github_reviewed" : false ,
You can’t perform that action at this time.
0 commit comments